4665 matches found
The vulnerability of the Android operating system, which allows a hacker to gain access to data
The vulnerability in the initial loader of the Android operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow a local attacker to access data beyond their authorized access level. This issue is considered “high” because it could be used to...
The vulnerability of the Android operating system, which allows a perpetrator to trigger a service failure or otherwise affect the system.
The vulnerability of the Audioserver component in the Android operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor to cause service failures or otherwise affect the system...
Dell Data Protection Advisor (DPA) Detection (HTTP)
HTTP based detection of Dell Data Protection Advisor DPA. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EMC Data Protection Advisor Directory Traversal Vulnerability (Jan 2017)
EMC Data Protection Advisor is prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
The vulnerability of the Android operating system, which allows a perpetrator to trigger a service failure or otherwise affect the system.
The vulnerability of the ih264d decoder in the Android operating system’s media server is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor to cause service failures or otherwise affect the system...
The vulnerability of Google Chrome browser allows a perpetrator to trigger a service failure or otherwise affect the system.
The vulnerability of the PDFium component in the Google Chrome browser is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor to cause service failures or otherwise affect the system through a specially created PDF file...
The vulnerability of the Internet Explorer browser allows a perpetrator to obtain confidential information from the process memory.
The vulnerability of the Internet Explorer browser is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to obtain confidential information from the process’s memory through a specially crafted web page...
LocalTapiola: SQL Injection on /webApp/lapsuudenturva (viestinta.lahitapiola.fi)
Issue The reporter found a blind SQL Injection attack in an application in viestinta.lahitapiola.fi. Fix The issue was investigated and found to be valid. The fix was to remove the application as it was not needed. Reasoning The reported case was valid and within the scope of the bug bounty...
Protect your data from ransom attacks
I wanted to bring attention to two blog posts we have done recently in response to the recent set of data ransom attacks affecting Elasticsearch and other systems. The two are: For Elasticsearch: Protecting Against Attacks that Hold Your Data for Ransom For Kibana: Guarding Kibana from Data...
FAQ: Cloud backup of XenMobile managed devices
Is the Worx data encrypted within the backup? If so what is the encryption level? Yes, as Xenmobile uses the iCloud services from Apple for backing up the data: iCloud secures your data by encrypting it when it's sent over the Internet, storing it in an encrypted format when kept on server review...
The vulnerability of the Android operating system, which allows a perpetrator to trigger a service failure or otherwise affect the system.
The vulnerability of the STMicroelectronics Android operating system driver is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor to cause service failures or otherwise affect the system...
The vulnerability of the Android operating system, which allows a perpetrator to trigger a service failure or otherwise affect the system.
The vulnerability of the STMicroelectronics operating system’s driver is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker to cause a service failure or otherwise affect the system...
Update Rollup 11 for System Center 2012 R2 Data Protection Manager
Update Rollup 11 for System Center 2012 R2 Data Protection Manager Introduction This article describes the issues that are fixed in Update Rollup 11 for Microsoft System Center 2012 R2 Data Protection Manager. It also contains the installation instructions for this update. Note We recommend that...
Over 27,000 MongoDB Databases Held For Ransom Within A Week
The ransomware attacks on poorly secured MongoDB installations have doubled in just a day. A hacker going by the handle Harak1r1 is accessing, copying and deleting unpatched or badly-configured MongoDB databases and then threatening administrators to ransom in exchange of the lost data. It all...
VMware vSphere Data Protection Private SSH Key Authentication Bypass (VMSA-2016-0024)
The version of VMware vSphere Data Protection installed on the remote host is 5.5.x / 5.8.x / 6.0.x / 6.1.x. It is, therefore, affected by an authentication bypass vulnerability due to the use of an SSH private key that has a known password and which is configured to allow key-based authenticatio...
MS16-155: Description of the Security and Quality Rollup .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, and 4.6.2 updates for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2: December 13, 2016
MS16-155: Description of the Security and Quality Rollup .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, and 4.6.2 updates for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2: December 13, 2016 View products that this article applies to. Summary This December 13, 2016, Security and Quality Rollup...
Description of Update Rollup 5 for System Center 2012 R2 Data Protection Manager
Description of Update Rollup 5 for System Center 2012 R2 Data Protection Manager Introduction This article describes the issues that are fixed in Update Rollup 5 for Microsoft System Center 2012 R2 Data Protection Manager. Additionally, this article contains the installation instructions for Upda...
Update Rollup 8 for System Center 2012 R2 Data Protection Manager
Update Rollup 8 for System Center 2012 R2 Data Protection Manager Introduction This article describes the issues that are fixed in Update Rollup 8 for Microsoft System Center 2012 R2 Data Protection Manager. It also contains the installation instructions for Update Rollup 8 for System Center 2012...
Update Rollup 8 for System Center 2012 Data Protection Manager SP1
Update Rollup 8 for System Center 2012 Data Protection Manager SP1 This article describes the issues that are fixed in Update Rollup 8 for Microsoft System Center 2012 Data Protection Manager DPM Service Pack 1 SP1. Additionally, this article contains the installation instructions for Update Roll...
Update Rollup 10 for System Center 2012 R2 Data Protection Manager
Update Rollup 10 for System Center 2012 R2 Data Protection Manager Introduction This article describes the issues that are fixed in Update Rollup 10 for Microsoft System Center 2012 R2 Data Protection Manager. Additionally, this article contains the installation instructions for this update. Note...